<?php
session_start();
require('../smarty/smarty_config.php');
require_once('../config.php');

$user_name = $_POST['user_name'];
$user_password = $_POST['user_password'];

if (empty($user_name )|| empty($user_password)) {
	$smarty -> assign('error','please input your name or password');

} else {
	// query for the guy who dont not be deleted
	$sql = 'select * from user where user_name = \''.$user_name.'\' and valid = 1';	

	$db = new DB();
	$db -> conn_mysql();
	$user_res = $db -> run_sql_query($sql);
	$user_info = mysql_fetch_array($user_res);

	if ($user_info['user_pwd'] != md5($user_password) 
			|| empty($user_info)) {
		$smarty -> assign('error','The user is not exist,or the password is not right.');
		$smarty -> display('./admin/admin-login.tpl');
	} else {
		$_SESSION['USER_NAME'] = $user_name;
		$_SESSION['USER_ID'] = $user_info[id];
//		header("location: ./index.php");
		header(sprintf("Location: %s", 'index.php'));
//		$smarty -> assign('user_name',$user_name);
//		$smarty -> display('./admin/index.tpl');
		
	}
}




?>